Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/03/28 4:59 p.m.5 views

CVE-2026-4982

A user with permission "update world" in any Venueless world is able to exfiltrate chat messages from direct messages or channels in other worlds on the same server due to a bug in the reporting feature. The exploitability is limited by the fact that the attacker needs to know the internal channe...

7.3CVSS5.9AI score0.00247EPSS
Exploits0References1
NVD
NVD
added 2026/03/27 1:16 p.m.3 views

CVE-2026-4982

A user with permission "update world" in any Venueless world is able to exfiltrate chat messages from direct messages or channels in other worlds on the same server due to a bug in the reporting feature. The exploitability is limited by the fact that the attacker needs to know the internal channe...

7.3CVSS0.00247EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/27 12:32 p.m.4 views

EUVD-2026-16593

A user with permission "update world" in any Venueless world is able to exfiltrate chat messages from direct messages or channels in other worlds on the same server due to a bug in the reporting feature. The exploitability is limited by the fact that the attacker needs to know the internal channe...

7.3CVSS5.9AI score0.00247EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:32 p.m.1 views

CVE-2026-4982

A user with permission "update world" in any Venueless world is able to exfiltrate chat messages from direct messages or channels in other worlds on the same server due to a bug in the reporting feature. The exploitability is limited by the fact that the attacker needs to know the internal channe...

7.3CVSS5.9AI score0.00247EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/27 12:32 p.m.1 views

CVE-2026-4982 Unauthorized access to chat contents

A user with permission "update world" in any Venueless world is able to exfiltrate chat messages from direct messages or channels in other worlds on the same server due to a bug in the reporting feature. The exploitability is limited by the fact that the attacker needs to know the internal channe...

7.3CVSS5.9AI score0.00247EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.3 views

PT-2026-28703

Name of the Vulnerable Software and Affected Versions Venueless affected versions not specified Description A user possessing the "update world" permission within any Venueless world can potentially extract chat messages from direct messages or channels in other worlds on the same server. This is...

7.3CVSS5.9AI score0.00247EPSS
Exploits0References3
Rows per page
Query Builder